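def reset_password_wtoken(token):
    """Serve and process the password-reset form reached via an emailed token.

    The token is decoded by ``read_timed_token`` under the "reset password"
    label with a 3600-second age limit. A token that fails to decode and a
    token naming an email unknown to ``userdb`` produce the same message and
    the same redirect, so the response does not show which check failed.

    A POST validates the two submitted password fields and stores the new
    password; every other method renders the reset form.
    """
    try:
        # the users have one hour to use previous token
        email = read_timed_token(token, "reset password", 3600)
    except Exception:
        # Any decoding failure is reported as an invalid or expired link.
        flash_error("The link is invalid or has expired.")
        return redirect(url_for(".info"))

    if not userdb.user_exists(email):
        flash_error("The link is invalid or has expired.")
        return redirect(url_for(".info"))

    if request.method == "POST":
        pw1 = request.form["password1"]
        pw2 = request.form["password2"]
        if pw1 != pw2:
            flash_error("Oops, passwords do not match!")
            return redirect(url_for(".reset_password_wtoken", token=token))
        if len(pw1) < 8:
            flash_error("Oops, password too short. Minimum 8 characters please!")
            return redirect(url_for(".reset_password_wtoken", token=token))

        userdb.change_password(email, pw1)
        # NOTE(review): nothing in this function invalidates the token after a
        # successful change; unless read_timed_token or userdb.change_password
        # does so, the same link presumably stays usable until the hour
        # elapses. Confirm, and consider making the token single-use.
        flask.flash(Markup("Your password has been changed. Please login with your new password."))
        return redirect(url_for(".info"))

    # The original handled only GET and POST explicitly and returned None for
    # anything else (e.g. HEAD, if the route accepts it), which Flask rejects
    # as an invalid view return value. Rendering the form is the safe default.
    return render_template("reset_password_wtoken.html", title="Reset password", token=token)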
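def confirm_email(token):
    """Mark the email address carried by a confirmation token as confirmed.

    The token is decoded by ``read_timed_token`` under the 'confirm email'
    label with an 86400-second age limit. On success the matching
    ``SeminarsUser`` is loaded and its ``email_confirmed`` flag is set and
    saved, unless it was already set. Every path ends with a redirect to
    the '.info' endpoint.
    """
    try:
        # the users have 24h to confirm their email
        email = read_timed_token(token, 'confirm email', 86400)
    except Exception:
        flash_error('The confirmation link is invalid or has expired.')
        # Stop here: `email` was never bound, so continuing would raise
        # UnboundLocalError on the lookup below instead of showing the message.
        return redirect(url_for('.info'))

    # NOTE(review): the account is selected from the token alone; this function
    # does not compare it with the logged-in user, so possession of a valid
    # token is the only check made here.
    user = SeminarsUser(email=email)
    if user.email_confirmed:
        flash_error('Email already confirmed.')
    else:
        user.email_confirmed = True
        user.save()
        flask.flash('You have confirmed your email. Thanks!', 'success')
    return redirect(url_for('.info'))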
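def endorse_wtoken(token):
    """Grant creator privileges to the current user from an endorsement token.

    The token is decoded by ``read_timed_token`` under the "endorser" label
    and yields the endorser's id and the endorsed email address. Privileges
    are granted only when the current user is not already a creator and the
    current user's email matches the token's email, compared
    case-insensitively. A token that fails to decode aborts with a 404.
    """
    try:
        # tokens last forever
        # NOTE(review): the age limit passed here is None, so the link does not
        # expire by age; the email comparison below is what restricts its use
        # to the endorsed account.
        endorser, email = read_timed_token(token, "endorser", None)
    except Exception:
        # flask.abort raises, so the redirect that followed this line in the
        # original could never run and has been removed.
        return flask.abort(404, "The link is invalid or has expired.")

    # NOTE(review): assumes current_user is an authenticated account with an
    # `email` attribute; no login check is visible in this function - confirm
    # the route enforces one.
    if current_user.is_creator:
        flash_error("Account already has creator privileges.")
    elif current_user.email.lower() != email.lower():
        flash_error("The link is not valid for this account.")
    else:
        current_user.endorser = int(endorser)  # must set endorser first
        current_user.creator = True  # this will update the db
    return redirect(url_for(".info"))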
def confirm_email(token):
    """Confirm the current user's email address from a timed token.

    The token is decoded by ``read_timed_token`` under the "confirm email"
    label with an 86400-second (24 hour) age limit. The flag is set and saved
    only when the token's email matches the current user's email, compared
    case-insensitively, and the email is not yet confirmed. Every path ends
    with a redirect to the ".info" endpoint.
    """
    try:
        # Links are honoured for 24 hours.
        token_email = read_timed_token(token, "confirm email", 86400)
    except Exception:
        flash_error("The confirmation link is invalid or has expired.")
        return redirect(url_for(".info"))

    # Work out whether anything prevents confirmation before changing state.
    if current_user.email.lower() != token_email.lower():
        problem = "The link is not valid for this account."
    elif current_user.email_confirmed:
        problem = "Email already confirmed."
    else:
        problem = None

    if problem is None:
        current_user.email_confirmed = True
        current_user.save()
        flask.flash("You have confirmed your email. Thanks!", "success")
    else:
        flash_error(problem)
    return redirect(url_for(".info"))
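def endorse_wtoken(token):
    """Grant creator privileges to the current user from an endorsement token.

    The token is decoded by ``read_timed_token`` under the "endorser" label
    and yields the endorser's id and the endorsed email address. When the
    current user is not already a creator and the emails match
    case-insensitively, ``userdb.make_creator`` is called with the current
    user's email and the endorser id, and the user is saved. A token that
    fails to decode aborts with a 404.
    """
    try:
        # tokens last forever
        # NOTE(review): the age limit passed here is None, so the link does not
        # expire by age; the email comparison below is what restricts its use
        # to the endorsed account.
        endorser, email = read_timed_token(token, "endorser", None)
    except Exception:
        # flask.abort raises, so the redirect that followed this line in the
        # original could never run and has been removed.
        return flask.abort(404, "The link is invalid or has expired.")

    # NOTE(review): assumes current_user is an authenticated account with an
    # `email` attribute; no login check is visible in this function - confirm
    # the route enforces one.
    if current_user.is_creator:
        flash_error("Account already has creator privileges.")
    elif current_user.email.lower() != email.lower():
        flash_error("The link is not valid for this account.")
    else:
        userdb.make_creator(current_user.email, int(endorser))
        current_user.save()
        flask.flash("You can now create seminars. Thanks!", "success")
    return redirect(url_for(".info"))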
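def endorse_wtoken(token):
    """Grant creator privileges to the current user from an endorsement token.

    The token is decoded by ``read_timed_token`` under the 'endorser' label
    and yields three values: the endorser's id, the endorsed email address
    and a PhD flag. Privileges are granted only when the current user is not
    already a creator, the token's email equals the current user's email, and
    that email has been confirmed. Every path ends with a redirect to the
    '.info' endpoint.
    """
    try:
        # tokens last forever
        # NOTE(review): the age limit passed here is None, so the link does not
        # expire by age; the email check below is what restricts its use to
        # the endorsed account.
        endorser, email, phd = read_timed_token(token, 'endorser', None)
    except Exception:
        flash_error('The link is invalid or has expired.')
        # Stop here: none of the token fields were bound, so the checks below
        # would fail with UnboundLocalError instead of showing the message.
        return redirect(url_for('.info'))

    if current_user.creator:
        flash_error('Account already has creator privileges.')
    elif current_user.email != email:
        flash_error('The link is not valid for this account.')
    elif not current_user.email_confirmed:
        flash_error('You must confirm your email first.')
    else:
        # The original bound the first token field to a misspelled name and
        # wrote the privileges to an undefined `user`, so this branch raised
        # NameError. The privileges belong on the account that was just
        # checked, i.e. current_user.
        current_user.endorser = int(endorser)
        current_user.creator = True
        current_user.phd = bool(phd)
        current_user.save()
        flask.flash('You can now create seminars. Thanks!', 'success')
    return redirect(url_for('.info'))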